By Roland Costea, Cybersecurity & Privacy Leader
Build Security Incident Response for GDPR data protection
Course description
FREE GDPR and Incident Response Templates & Documentation - Practical GDPR and Incident Response Blueprint
Take a Security Incident Response approach to cover the Data Breach process required by GDPR Data Privacy Protection.
UPDATE: 8.5 hours of content
In this course you will learn what Security Incident Response is and how it relates to GDPR Data Privacy, and if you are used to my style, you will do it from 3 perspectives: theory, processes and technology.
You will be able to apply our security methodologies, security frameworks and security processes for your own environment.
The course is a complete A to Z, so we will cover everything that you need to know. We will first understand Security Incident Response challenges, the difference between a NOC and a SOC (Security Operations Center), and how the latter can help in defining the Security Incident Response Process. We will follow up with the relation to GDPR Data Protection & Privacy and the impact of GDPR on Security Incident Response for any organization. We will learn about methodologies, frameworks and playbooks, we will draft 2 procedures, and we will see how technology can help us in the roadmap.
And all of these are separate resources that you will get!
In the end, I will give you an incredible collection of free incident response tools and resources I have built over time, and I will teach how malware works, especially in the financial market.
The course is delivered in a mix of over-the-shoulder lessons and PowerPoint presentations. So, either I show you clicks on the screen and exactly how you do different actions, or I present you the full concept using slides. On top of that, you will get downloadable resources that will help you in your journey.
I strongly recommend that you go through every lecture one time and then go back to the beginning and start to take action; this way everything will make much more sense.
As a student of this course, you will also get regular updates and access to new additional lectures as they are added.
Course overview - 85
Welcome & Intro
Set your expectations
A first touch of what you will really get from this course
Course Resources
What is Incident Response and why do I need it
Incident Response Team
Incident Response Process and Procedures
Types of Security Incidents
Incident Response Tools - general
What is a SIEM?
Incident Response Training
What is automation in incident response
What is a NOC?
What is a SOC?
Integrated NOC and SOC
Mission, Team and Required Training
Types of SOC
Building a SOC
Cheat Sheets to help you in configuring your systems
GDPR intro
GDPR effects on Incident Response
How to create an effective Incident Response plan
GDPR Incident Response Process
Let's draft the IRM Procedure
How to treat data breaches
IRM1 - Worm Infection
IRM2 - Windows Intrusion
IRM3 - Unix_Linux Intrusion Detection
IRM4 - DDoS
IRM5 - Malicious Network Behavior
IRM6 - Website Defacement
IRM7 - Windows malware detection
IRM8 - Blackmail
IRM9 - Smartphone Malware
IRM10 - Social Engineering
IRM11 - Information Leakage
IRM12 - Insider Abuse
IRM13 - Phishing
IRM14 - Scam
IRM15 - Ransomware
Lessons learned by working in a SOC
A list of open source tools to use
6.3 ATP Incident Response
Today's Challenges
Target and Distribution
Attack Methods
Infection Vectors
Targeted attacks against FIs
Mobile Platform & Email Scams
Takedowns and Conclusions
Past 3 decades of malware (part 1)
Past 3 decades of malware (part 2)
The architecture of financial malware
Zeus
Zeus GameOver
SpyEye
IceIX
Citadel
Carberp
Shylock
Bugat
Dyre
Dridex
Shifu
Tinba
Why Fraud Risk Engines Fail
How to bypass 2FA
Fraud Prevention Technology
Compliance and Legal issues
Customer Impact
Selecting the Right Cybercrime solution
Malware Detection
Malware Detection (advanced)
Malware Detection - how technology can help
Criminal Detection & Account Takeover
Account Takeover - Product Architecture
What about mobile banking
Simple Lab setup
XSRF attack
Compromising Public server
Break-In_Compromising the victim computer
Other Web Application Attack Example
Locky Ransomware
Gathering Info & Exfiltrate
Final thoughts and other documents
Course by this author
- Roland Costea: Build EU GDPR Data Protection & Privacy compliance from scratch (CIPT), 10h 35m of content